Documents released by Snowden show the extent to which Microsoft helped the NSA and other security agencies in the US. "Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal; The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail; The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide; [...] Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio; Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a 'team sport'." Wow. Just wow.

"That's the kind of pub talk that you end up having," says BindView security researcher Mark 'Simple Nomad' Loveless. "If you were the NSA, how would you backdoor someone's software? You'd put in the changes subtly. Very subtly."
"Whoever did this knew what they were doing," says Larry McVoy, founder of San Francisco-based BitMover, which hosts the Linux kernel development site that was compromised. "They had to find some flags that could be passed to the system without causing an error, and yet are not normally passed together... There isn't any way that somebody could casually come in, not know about Unix, not know the Linux kernel code, and make this change. Not a chance."

The problem with Linux is the extremely high code turn over. Most code is replaced within... 6(?) months. There is no way you can keep up and audit all changes. HP spends millions of USD to keep up with the device drivers, because Linux upgrades frequently breaks the drivers. HP has a very hard time to update only the HP drivers. Now imagine how hard it would be to scan new code for back doors? That is impossible. Especially when the back doors are as difficult to spot as in the link above. There are probably many more back doors that are not spotted.

OpenBSD seems to be much rigorous with the code review and audit. NSA probably hates OpenBSD because it is focused on security and being safe. Linux has a chaotic development process and all code is not reviewed nor understood, which makes Linux a haven for NSA and other malicious users. I would avoid the very complex SELinux additions from NSA, to make Linux "safer". God nows how many backdoors there are in SELinux.

http://www.forbes.com/2005/06/16/linux-bsd-unix-cz_dl_0616theo.html
"Lok Technologies , a San Jose, Calif.-based maker of networking gear, started out using Linux in its equipment but switched to OpenBSD four years ago after company founder Simon Lok, who holds a doctorate in computer science, took a close look at the Linux source code.
“You know what I found? Right in the kernel, in the heart of the operating system, I found a developer’s comment that said, ‘Does this belong here?’ “Lok says. “What kind of confidence does that inspire? Right then I knew it was time to switch.”

This proves that Linux developers does not review all code, nor understand what the code does. It is wildly chaotic with lots of contributions from everywhere, including from NSA.

http://www.kerneltrap.org/Linux/Active_Merge_Windows
"The [linux source code] tree breaks every day, and it's becomming an extremely non-fun environment to work in.
We need to slow down the merging, we need to review things more, we need people to test their f--king changes!"

From a security view point, Linux should be avoided. OpenBSD is built for safety and every line of code is reviewed and understood.

Only code that is actually a candidate to make it into the kernel needs to be audited, are you saying code gets merged into a mainline release without being audited? Show me some proof.

HP spends millions of USD to keep up with the device drivers, because Linux upgrades frequently breaks the drivers.

Citation needed.

OpenBSD seems to be much rigorous with the code review and audit.

No argument here, OpenBSD is the most security oriented operating system I can think of, of course it leads to drawbacks like being very slowly developed.

Also OpenBSD's focus on security above (pretty much) all else doesn't mean that Linux has 'bad' security in any way.

Linux has a chaotic development process and all code is not reviewed nor understood, which makes Linux a haven for NSA and other malicious users.

Bullshit, how is Linux development chaotic?

People/companies submit code, code is audited by the maintainer/maintainers of the specific subsystem the code belongs to, then if it passes their audit it's put in staging where it will go through testing and more eyeballs as at this stage it's actually a candidate for mainline.

Then when the subsystem maintainer feels the code is mature enough he/she waits for the merge window to open and then sends a pull request to Linus.

Linus then has the final say on whether or not it will make it into the merge window, if it does it will go through further testing during the merge window, and if it passes it will finally make it into a mainline release.

How is this a chaotic development process?

“You know what I found? Right in the kernel, in the heart of the operating system, I found a developer’s comment that said, ‘Does this belong here?’ “Lok says. “What kind of confidence does that inspire? Right then I knew it was time to switch.”

This proves that Linux developers does not review all code, nor understand what the code does.

A 2005 quote from some 'Lok' about a comment he found in the Linux source code, without any context whatsoever as to what the comment even related to is something you claim to be proof of Linux developers not reviewing or understanding the code? Your trolling seems to know no bounds.

Now that you seem to have given up championing Solaris you've instead embarked on a anti-Linux crusade, I guess I shouldn't be surprised.

It is wildly chaotic with lots of contributions from everywhere, including from NSA.

How is getting code contributions chaotic?

These contributions, if they make it into the kernel mainline release at all, only make it in once they've been audited and tested.

http://www.kerneltrap.org/Linux/Active_Merge_Windows
"The [linux source code] tree breaks every day, and it's becomming an extremely non-fun environment to work in.
We need to slow down the merging, we need to review things more, we need people to test their f--king changes!"

You dig up a 5 year old e-mail where a developer states that they need to slow down the amount of merging during the merge window or make the merge window longer as proof of what exactly?

That five years ago they had a dialogue about the amount of code which should be merged during a merge window?

Only code that is actually a candidate to make it into the kernel needs to be audited, are you saying code gets merged into a mainline release without being audited? Show me some proof. "
I am saying that the code audit and review process is crippled because of the high code turn over. No one can keep up with those amounts of new code that gets incorportaed in Linux. I showed you proof in the links. For instance, the last link says "we need to review things more". Read it.

"HP spends millions of USD to keep up with the device drivers, because Linux upgrades frequently breaks the drivers.

No argument here, OpenBSD is the most security oriented operating system I can think of, of course it leads to drawbacks like being very slowly developed. Also OpenBSD's focus on security above (pretty much) all else doesn't mean that Linux has 'bad' security in any way. "
I am not saying that Linux has bad security, I am saying that Linux has some problems in the code review and audit process. Just read my links. Much code gets accepted without anyone knowing what it really does. For instance, the link with "Does this belong here?"

"Linux has a chaotic development process and all code is not reviewed nor understood, which makes Linux a haven for NSA and other malicious users.

Bullshit, how is Linux development chaotic? "
Maybe "chaotic" was not the correct word. But fact is that the code review process is too sloppy, just read the links to Linux devs who complain that they need to review things more. So much Linux code gets accepted from anyone that no one can review all the new code. Just read my links.

" “You know what I found? Right in the kernel, in the heart of the operating system, I found a developer’s comment that said, ‘Does this belong here?’ “Lok says. “What kind of confidence does that inspire? Right then I knew it was time to switch.” This proves that Linux developers does not review all code, nor understand what the code does.

A 2005 quote from some 'Lok' about a comment he found in the Linux source code, without any context whatsoever as to what the comment even related to is something you claim to be proof of Linux developers not reviewing or understanding the code? "
I doubt OpenBSD devs does accept that much code that they dont know what all code does. This link is an example of Linux devs accepting code that they dont know what it does. It does not give confidence to the Linux code review process, does it?

Your trolling seems to know no bounds. Now that you seem to have given up championing Solaris you've instead embarked on a anti-Linux crusade, I guess I shouldn't be surprised.

-I have not given up Solaris. The thing is, when we talk about security then OpenBSD has the best reputation, so I advocate OpenBSD.
-When we talk about innovative Unix, I advocate Solaris because it is best (everybody talks about ZFS (BTRFS), DTrace (Systemtap), SMF (systemd), Crossbow (openVswitch), Containers (Linux has copied this as well), etc. Linux has copied everything that Solaris has.
-And if we talk about stable OSes, then I advocate OpenVMS (OpenVMS clusters are brutal, and best in the world, with uptime surpassing Mainframes, measuring in decades).
-When we talk about innovative OS, I advocate Plan9 (my favourite OS).
-Best realtime Unix, I advocate QNX.
etc

Maybe you missed all my posts where I say that compared to OpenVMS, all Unix are unstable and can not compare? It seems that you believe I claim Solaris is best in every way? Secure, uptime, performance, realtime, etc? Well I dont. Solaris is the most innovative Unix, that is a fact (everybody tries to mimic Solaris - why if Solaris is bad?).

The thing is, Linux supporters believe Linux is best in every way, when in fact, it is terrible. It has bad scalability (show me any 32 cpu Linux servers for sale? There are none for sale, because Linux does not scale to 32 cpus), Linux has bad stability, it has bad security, The code is bad (according to Linux kernel devs, I can show you numerous links on this), etc

I would have no problems with Linux being bad, if Linux did not attack everyone, including OpenBSD (m*sturbating monkeys because they focus on security), Solairs (wished it was dead), etc. So my question is to you: why are you attacking everybody and every OS? Why not leave them be? Then we would not have to defend ourself. It is Linus Torvlads who has attitude problems with his big Ego, and he attacks everyone, including his own developers. Are you surprised other OS supporters gets upset when they are attacked? Why?

How is getting code contributions chaotic? These contributions, if they make it into the kernel mainline release at all, only make it in once they've been audited and tested.

But no one has time to audit everything. Just read my links "we need to review more". It is too much code accepted all the time. Too much is rewritten all the time. I have many links to Linux kernel devs, where they say that the Linux code quality is not good, and bad. You want to read all my links? I can post them for you if you wish.

Sure some links are a few years old, but I doubt the process is better today, because Linux is larger than ever and more bloated and more code than ever gets accepted every day. In the earlier days, less code was accepted. Today too much code is accepted, which no one has time to review thoroughly, so the review process is worse today.